CVE-2025-36065

6.3 MEDIUM

📋 TL;DR

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator versions 5.2.0.00 through 5.2.0.12 fails to properly invalidate user sessions when a browser is closed, allowing authenticated users to potentially impersonate other users. This affects organizations using the vulnerable versions of this IBM B2B integration software.

💻 Affected Systems

Products:
  • IBM Sterling Connect:Express Adapter for Sterling B2B Integrator
Versions: 5.2.0.00 through 5.2.0.12
Operating Systems: Not specified in advisory
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the Connect:Express Adapter component within Sterling B2B Integrator deployments

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

An authenticated attacker could hijack another user's session after they close their browser, gaining unauthorized access to sensitive B2B integration data and functions as that user.

🟠 Likely Case

Authenticated users with access to shared workstations could inadvertently or intentionally access another user's session, leading to unauthorized data access or actions.

🟢 If Mitigated

With proper session management controls and workstation security, the risk is limited to accidental session reuse on properly secured systems.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access and access to the same workstation where a user previously closed their browser without logging out.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.2.0.13 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7257244

Restart Required: Yes

Instructions:

1. Download IBM Sterling B2B Integrator 5.2.0.13 or later from IBM Fix Central.
2. Apply the update following IBM's standard patching procedures.
3. Restart the Sterling B2B Integrator services.

🔧 Temporary Workarounds

Enforce manual logout (all)

Require users to manually log out of the application before closing browsers

Implement session timeout (all)

Configure application or web server to enforce session timeouts

🧯 If You Can't Patch

  • Implement strict workstation usage policies requiring manual logout
  • Deploy web application firewalls with session fixation protection

🔍 How to Verify

Check if Vulnerable:

Check the version of IBM Sterling Connect:Express Adapter in your Sterling B2B Integrator installation

Check Version:

Check the version in the Sterling B2B Integrator administration console or installation directory

Verify Fix Applied:

Verify the version is 5.2.0.13 or higher after applying the patch

📡 Detection & Monitoring

Log Indicators:

  • Multiple user sessions from same IP/workstation in quick succession
  • User account accessing unusual functions

Network Indicators:

  • Session cookies being reused after browser closure

SIEM Query:

source="sterling_b2b" AND (event_type="session_start" OR event_type="authentication") | stats dc(user) AS distinct_users, values(user) AS users BY src_ip | where distinct_users > 1
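The first log indicator above (several distinct users authenticating from the same workstation in quick succession) implemented as standalone detection logic over constructed sample log lines. This is an added example, not code from the advisory or from IBM; the log line format, field names and the 10-minute window are assumptions, since the advisory does not define them.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (assumed format: "<ISO ts> event_type=<t> user=<u> src_ip=<ip>").
# 10.0.0.21 shows alice then bob within minutes; 10.0.0.35 shows two users 90 minutes apart.
SAMPLE_LOG = """\
2025-06-01T09:00:05 event_type=session_start user=alice src_ip=10.0.0.21
2025-06-01T09:03:40 event_type=authentication user=alice src_ip=10.0.0.21
2025-06-01T09:04:10 event_type=session_start user=bob src_ip=10.0.0.21
2025-06-01T09:30:00 event_type=session_start user=carol src_ip=10.0.0.35
2025-06-01T11:00:00 event_type=session_start user=dave src_ip=10.0.0.35
"""

def parse_events(text):
    """Parse session_start/authentication lines into (timestamp, user, src_ip)."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_str, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)
        if kv.get("event_type") not in ("session_start", "authentication"):
            continue
        events.append((datetime.fromisoformat(ts_str), kv["user"], kv["src_ip"]))
    return events

def find_shared_workstation_logins(text, window=timedelta(minutes=10)):
    """Return {src_ip: sorted users} for every source IP from which two or more
    distinct users authenticated within `window` of each other."""
    by_ip = defaultdict(list)
    for ts, user, ip in parse_events(text):
        by_ip[ip].append((ts, user))
    hits = {}
    for ip, evts in by_ip.items():
        evts.sort()
        for i, (ts_i, user_i) in enumerate(evts):
            for ts_j, user_j in evts[i + 1:]:
                if ts_j - ts_i > window:
                    break  # events are sorted, so later ones are further away
                if user_j != user_i:
                    hits.setdefault(ip, set()).update({user_i, user_j})
    return {ip: sorted(users) for ip, users in hits.items()}

if __name__ == "__main__":
    print(find_shared_workstation_logins(SAMPLE_LOG))  # {'10.0.0.21': ['alice', 'bob']}
```

Widening the window with the `window` argument trades fewer misses for more noise on legitimately shared terminals; tune it to the site's real session-timeout setting.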
